427 Mbits/sec Hardware Implementation of the SHA-1 Algorithm in an FPGA

R. Hoare, P. Menon, and M. Ramos (USA)


Authentication, SHA-1, IPSec, Hardware


Today, security is imperative in many network-based applications. When dealing with data transfer, it is crucial to determine whether the data that is being received has been corrupted. In this context, as the interest in network-based systems increase, so does the necessity for security. Cryptographic hash functions are very important for cryptographic protocols, used to secure information against unspecified attacks [1]. They are used prior to signature scheme operations to efficiently compress and encrypt large messages into a smaller message digest. SHA-1 (Secure Hash Algorithm – 1) is one implementation of such hash functions that takes in messages of size less than 264 bits and produces a 160 bit message digest [2]. SHA-1, which is to be used with Digital Signature Algorithm (DSA) for most commercial applications, can be implemented on common software and hardware platforms [2]. There is an increasing interest in hardware cryptographic accelerator for IPSEC operations such as VPN [3,4]. In this paper we discuss the importance of hardware implementation of SHA-1 and provide two design implementations of SHA-1. The first one is a direct hardware implementation using the algorithm itself with minor changes. The second one is an optimized version. We analyze the gain in throughput achieved as a result of optimization.

Important Links:

Go Back